CN106454815A - Routing method for wireless sensor network based on LEACH protocol - Google Patents

Abstract

The invention discloses a routing method for a wireless sensor network based on an LEACH protocol. The method comprises the following steps of carrying out initialized deployment on all nodes in the whole network; entering an authentication broadcast stage; entering a clustering stage; and entering a data transfer stage, wherein the authentication broadcast stage is as follows: a base station broadcasts and updates security control information, and the nodes are updated after obtaining broadcast information; the clustering stage is as follows: a cluster head node is elected and an optimal cluster head node is selected to enter a cluster from common nodes; and each cluster head node selects a monitoring cluster head node and the monitoring cluster head node enters into the cluster; the data transfer stage is as follows: all common nodes transmit data to the cluster heads of the clusters where the common nodes are located; and meanwhile, each monitoring cluster head node transmits a testing data packet to a monitored cluster head node and transmits a tracking data packet to the base station; after the cluster head node receives the data, the cluster head node transmits a random number and the data which received in the base station broadcast stage to the base station; and the base station detects whether the network has attacks, such as tampering and packet loss, through checking the data sent by all cluster heads. According to the method, the security is improved while the system energy consumption is reduced, so that the network can effectively resist the attacks.

Description

A kind of wireless sensor network routing method based on LEACH agreement

Technical field

The present invention relates to a kind of wireless sensor network (Wireless Sensor Networks, WSN) technical field, special It is not related to one kind and be based on LEACH (low power consumption adaptive cluster laminated devices, Low Energy Adaptive Clustering Hierarchy) the wireless sensor network routing method of agreement.

Background technology

The network system of the self-organizing that WSN is made up of the sensor node in a large number with radio communication function.This There is wireless, multi-hop transmission ability cheap microsensor node a bit and be deployed in monitored area by substantial amounts of, collaborative perception, adopt Data in monitor set region, and transmit data to base station or aggregation node.Routing Protocol, MAC protocol, data anastomosing algorithm etc. It is the main research direction of WSN.Wherein, Routing Protocol is one of key technology of WSN, determines the transmission of data and forwards road Footpath.Currently there is the Routing Protocol of various ways, but these Routing Protocols usually not consider safety problem at the beginning of design, have A little even have serious potential safety hazard and leak in actual applications.In the course of Information Technology Development, safety research is An inevitable link, either the Internet, industry computer, or WSN, safety is all a vital technical need. LEACH agreement is first hierarchical Routing Protocol, cluster head random-selection node in a circulating manner, by the energy of whole network Load average is assigned in each sensor node, thus reducing network energy resource consumption, improving network entirety life span Purpose.It is more the problems such as consider energy-optimised, distributed information processing at the beginning of design, asks without being related to safety Topic.In addition to the potential safety hazards such as the data confidentiality of WSN generally existing, integrity, access control, also there is it in LEACH agreement Distinctive security breaches.For example in the cluster stage, the cluster that enters of ordinary node is the cluster head conduct selecting broadcast singal energy the strongest Optimum cluster head, in this regard, a laptop type attacker can be broadcasted to the whole network with its powerful transmitting-receiving ability in the cluster stage False HELLO bag, attracts all or part node in network to enter cluster.Attacker, can further start to select by rear in attraction road Selecting property forwards, distorts, resetting, packet loss, exhaust etc. and to attack, and such as starts selective forwarding to attack suppressing the data of somewhere node and sends out Send.

Content of the invention

It is an object of the invention to overcoming shortcoming and the deficiency of prior art, provide a kind of wireless based on LEACH agreement Sensor network routing method.While the method increasing security of system, reduce as far as possible and bring because security mechanism introduces Energy consumption increase sharply.Meanwhile, using low power dissipation design strategy, extend the time-to-live of network.

The purpose of the present invention is achieved through the following technical solutions：A kind of wireless sensor network road based on LEACH agreement By method, step is as follows：

The all nodes of S1, the whole network carry out initialization deployment；

S2, entrance certification broadcast phase：Base station includes the data of security control information and periodic to the whole network broadcast Update security control information, this security control information includes a random number, and each node is getting the safety control of base station broadcast After information processed, the correctness of this security control information is verified, to currently stored security control information after having verified It is updated；Certification broadcast phase enters step S3 after terminating；

S3, entrance cluster stage：All nodes run cluster head election algorithm, after completing election of cluster head, elected leader cluster node To the whole network broadcast message, all ordinary nodes, after the broadcast message receiving multichannel leader cluster node, select optimum leader cluster node Carry out into cluster；Meanwhile, the leader cluster node broadcast message that each leader cluster node receives according to it, chooses optimum leader cluster node as it Monitoring leader cluster node, and to monitoring leader cluster node send ask into cluster information so that monitor leader cluster node enter cluster to be monitored Leader cluster node place cluster；

The stable data transfer phase of S4, entrance：All ordinary nodes are obtaining the laggard line number of time slot in its affiliated cluster According to transmission, transfer data to the cluster head of its place cluster；Monitoring leader cluster node gets its monitored leader cluster node institute simultaneously After the time slot of cluster, transmitting test data bag is to its monitored leader cluster node, and transmits tracking data bag to base station；Cluster head section Verified after selecting the data receiving in cluster and checked its integrity, after collecting all valid data, by data and Send base station to after the random number that certification broadcast phase receives is packed, the random number that base station is broadcasted and cluster head section The random number that point sends is contrasted, consistent to verify whether, if adopting the link authentication between leader cluster node and base station unanimously.

Preferably, in described step S1, initialization deployment includes generation, the distribution of the whole network node identification of base station key chain Storage with symmetric-key security algorithm.

Preferably, the security control information that in described step S2, base station is broadcasted to the whole network includes network master key and node is black List；Base station is derived from the network master key chain of base station stored to the network master key that the whole network is broadcasted；The network of wherein base station stored Master key chain is hash chain；Base station periodically updates network master key and node blacklist in each wheel, if node blacklist Do not change, then will be without broadcast node blacklist during next round.

In described step S4 by send deficiency of data bag to leader cluster node node definition be doubtful malicious node, work as section When point is sent to the deficiency of data bag number of times accounting of leader cluster node more than f%, this node definition is blacklist, and by cluster head Node black list information is sent to base station by node, base station more new node black list information.

Further, the network master key chain of base station stored is：

K₁,K₂,...,K_m-1,K_m；

Wherein m is the number of network master key in network master key chain；Network master key chain meets following relation：

K₁=HASH (K₂)

K₂=HASH (K₃)

......

K_m-1=HASH (K_m)

When base station is to the whole network broadcast safe control information, the first round is to the whole network radio network master key K₁, second takes turns to complete Net radio network master key K₂, the like, take turns to the whole network radio network master key K in m_m；

The data that in this step, base station is broadcasted to the whole network needs to be encrypted, in the present embodiment base station each take turns to Data msg of the whole network broadcast_iFor：

Wherein badList is node blacklist, K_iThe network master key broadcasted to the whole network for the i-th wheel base station,For base Stand in the random number that the i-th wheel generates；

The data that base station is broadcasted to the whole network is broadcasted after encryption, and the data of concrete broadcast is：

WhereinIt is the msg to be sent to base station using the RC5 AES under CBC pattern_i The encryption of cleartext information row obtains cipher-text information；WhereinFor generate based on MD5'sThe message authentication code of cipher-text information, specifically, this message authentication code is numerically equal to close Calculated MD5 value after civilian message and network master key splicing；Represent that base station is broadcasted to the whole network.

In described step S2, all nodes after getting the network master key of base station broadcast, using the Hash letter prestoring The correctness of number checking network master key, confirms that the network master key receiving is rationally effective, if wherein node gets Network master key meet below equation then it is assumed that the network master key getting is correct：

K_i-1=HASH (K_i)；

Wherein K_iFor node in the i-th wheel i.e. when front-wheel broadcast gets network master key, K_i-1For node in the i-th -1 wheel it is Previous round broadcast gets network master key.

Preferably, the security control information of described step S2 interior joint storage includes node key and blacklist list, section , after having verified the correctness of network master key, the network master key being received according to it is to its node key by following public affairs for point Formula is updated：

WhereinNode key before updating for node j i-th wheel, i.e. the node key of the i-th -1 wheel storage, wherein The node key obtaining after the i-th wheel updates for node j, K_iTake turns the network master key of broadcast for base station broadcast i-th, that is, node exists I-th wheel gets network master key, id_jIdentity marks for node j；Wherein set J is the collection of all nodes in network Close；

In described step S3 after node x is elected as leader cluster node, by the network master key being received according to it and section The identity marks of point generate with the cluster key from the current cluster as cluster head：

WhereinThe cluster key generating for leader cluster node x i-th wheel, K_iClose for the network master of base station broadcast i-th wheel broadcast Key, id_xFor the identity marks of leader cluster node x, X is the set of leader cluster node in network, wherein X ∈ J；

In this step, leader cluster node x i-th takes turns and includes cluster head information ADV_CH to the information of the whole network broadcast_xAnd random numberWherein leader cluster node x i-th takes turns and to the information of the whole network broadcast is：

Above- mentioned information is only broadcasted, specially for after encryption：

WhereinThe base station counter value of the whole network nodes sharing producing for the i-th wheel base station counter；It is using the RC5 AES pair under CBC patternCleartext information is encrypted and obtains ciphertext Information；For generating based on MD5'sCipher-text information Message authentication code, specifically, this Message Authentication Code is numerically equal to cipher-text informationWith node Calculated MD5 value after key splicing；Represent that leader cluster node x i-th takes turns to the whole network broadcast；

Ordinary node sends the random number that it receives in leader cluster node broadcast phase when entering cluster, and leader cluster node verifies it Whether the random number of broadcast is consistent with the random number that ordinary node sends, if unanimously, link authentication completes；

In described step S3, monitoring leader cluster node, when entering the monitored leader cluster node of cluster, sends it and broadcasts rank in leader cluster node The random number that section receives, monitored leader cluster node verifies that the random number that the random number of its broadcast is sent with monitoring leader cluster node is No consistent, if unanimously, link authentication completes；

In described step S3 after cluster stage election of cluster head, elected leader cluster node generates cluster key.

Further, in described step S4, ordinary node y carries out data transmission after obtaining the time slot in its affiliated cluster Formula is encrypted using the RC5 AES under CBC pattern, detailed process is as follows before：

Carry out the encryption of data initially with node key, simultaneously incidentally message authentication code, obtain packet

Wherein msg_yFor ordinary node y data to be transmitted, i.e. cleartext information；For ordinary node y in the i-th node taken turns Counter Value, is the remainder sum of base station counter value radix and node counter, as the initial vector of block encryption, wherein remaining Number works as front-wheel data packet count value for node；The random number that ordinary node y generates in the i-th wheel；I is when front-wheel number,For Ordinary node y is in the node key of the i-th wheel；Wherein Y is ordinary node set, wherein Y ∈ J in network；X∪ Y=J；

WhereinIt is to msg using the RC5 AES under CBC pattern_yAnd random numberThe cleartext information of composition is encrypted and obtains cipher-text information；

WhereinFor the cipher-text information based on MD5 generatingMessage authentication code, specifically, this message authentication code is numerically equal to cipher-text informationCalculated MD5 value after splicing with node key, then by MD5 value and node counts The remainder of device value is spliced；

Then it is directed to packetEncrypted again, obtained packet

WhereinThe cluster key generating by the leader cluster node x of the entered cluster of ordinary node y,For base station counter i-th The Counter Value of the whole network nodes sharing that wheel produces；

WhereinFor the cipher-text information based on MD5 generatingMessage authentication code, specifically, this message authentication code is numerically equal to cipher-text informationWith calculated MD5 value after node key splicing.

Finally by the above-mentioned packet encrypted again and obtainAnd the remainder of node counter sends ordinary node to The leader cluster node of place cluster, is then forwarded to base station by leader cluster node；

Further, in described step S4, monitoring leader cluster node z gets its monitored leader cluster node z ' place cluster After time slot, to its monitored leader cluster node, this test data bag adopts under CBC pattern transmitting test data bag before being transmitted RC5 AES is encrypted, and detailed process is as follows：

Carry out the encryption of data initially with leader cluster node key, simultaneously incidentally message authentication code, obtain packet

It is whereinTake turns test data bag to be sent for monitoring leader cluster node z i-th,For monitoring cluster head The random number that node z i-th wheel generates,Node counter value for monitoring leader cluster node z i-th wheel；For monitoring cluster head The node key of node z i-th wheel；

It is using the RC5 AES pair under CBC patternWith Random numberThe cleartext information of composition is encrypted and obtains cipher-text information；

WhereinFor generating the ciphertext letter based on MD5 BreathMessage authentication code；Specifically, this Message Authentication Code is numerically equal to cipher-text informationCalculated MD5 value after splicing with node key, then by MD5 value and leader cluster node enumerator The remainder of value is spliced；

Then it is directed to packetEncrypted again, obtained：

WhereinThe cluster key generating for monitored leader cluster node z '；

Finally the above-mentioned packet obtaining of encrypting again is transferred to monitored leader cluster node by monitoring leader cluster node：

In described step S4, monitoring leader cluster node is transferred to the tracking packet of base station before being transmitted using under CBC pattern RC5 AES be encrypted, detailed process is as follows：Carry out the encryption of data using its leader cluster node key, incidentally simultaneously Message authentication code, obtains packet

It is whereinFor following the trail of packet,The random number generating for monitoring leader cluster node z i-th wheel,Node counter value for monitoring leader cluster node z i-th wheel；Node key for monitoring leader cluster node z i-th wheel；

WhereinIt is to tracking using the RC5 AES under CBC pattern PacketAnd random numberThe cleartext information of composition is encrypted and obtains cipher-text information；

WhereinFor the ciphertext based on MD5 generating InformationMessage authentication code, specifically, this message authentication code is numerically etc. In cipher-text informationCalculated MD5 value after splicing with node key, then The remainder of MD5 value and node counter value is spliced.

Further, in described step S4, leader cluster node is verified when receiving the packet of cluster interior nodes transmission, Then packet is decrypted, the packet after being deciphered：

WhereinIt is sent to the packet of leader cluster node for node j i-th wheel,Take turns for base station counter i-th and produce The Counter Value of raw the whole network nodes sharing；K_ch-jThe cluster key generating in the i-th wheel place cluster for leader cluster node x；Cluster Packet after the i-th wheel deciphering for the head node x；

Then the packet plaintext that the i-th wheel is received by leader cluster nodeThe identity marks information of leader cluster node x id_x, leader cluster node x i-th wheel generate random numberAnd base station generates random number in the i-th wheelCarry out after packing Compression processes and obtains packet

Furthermore by packetObtained using the RC5 AES encryption under CBC pattern：

WhereinNode counter value for leader cluster node x i-th wheel；

Finally the data after above-mentioned encryption is sent to base station.

Preferably, in described step S3, the threshold function table of the cluster head election algorithm that each node runs is：

Wherein p is leader cluster node accounting, r is when front-wheel number, G are in the set of node not also being elected as leader cluster node when front-wheel Close；E_curN () is node n current remaining, E_aveIt is as the average residual energy of all surviving node of front-wheel, dis_toBS(n) For the distance of node n and base station, dis_ave2bsFor the average distance of all nodes and base station, λ₁、λ₂For weights coefficient, and there is λ₁+ λ₂=1.

Preferably, in described step S3 each ordinary node according to it, the cluster head relative importance value and each leader cluster node between is selected Optimum leader cluster node carries out into cluster, and wherein between ordinary node and leader cluster node, cluster head relative importance value computing formula is as follows：

Wherein P_chThe leader cluster node x broadcast signal strength that (y, x) receives for ordinary node y；

Wherein p_{ch_ave}Y average leader cluster node broadcast signal strength that () receives for ordinary node y；

Wherein dis_ch2bsX () is the distance of leader cluster node x and base station；

Wherein dis_ave2bsAverage distance for all nodes and base station；

Wherein E_chX () is the dump energy of leader cluster node x；

Wherein E_aveFor average leader cluster node dump energy；

Additionally, η₁、η₂、η₃For weighting parameter, and meet η₁+η₂+η₃=1；

Wherein Y is the set of ordinary node in network, and X is the set of leader cluster node in network；

Cluster head relative importance value between ordinary node and each leader cluster node is calculated by above formula, then select with its it Between the maximum leader cluster node of cluster head relative importance value send request into clusters as optimum leader cluster node, then to optimum leader cluster node：

WhereinThe solicited message sending for ordinary node y i-th wheel, including the request into clusters information of the i-th wheelThe random number generating with the i-th wheelK_iThe network master key broadcasted in the i-th wheel for base station, The Counter Value of the whole network nodes sharing producing for base station counter i-th wheel；

WhereinIt is using the RC5 AES pair under CBC patternCleartext information It is encrypted and obtain cipher-text information；

WhereinThe cipher-text information based on MD5 generatingMessage authentication code；SN_y→CH_m:Represent ordinary node y to optimum leader cluster node m send ask into Cluster；

In described step S3, each leader cluster node chooses optimum cluster according to the cluster head relative importance value between itself and other leader cluster node Head node monitors leader cluster node as it, and the cluster head relative importance value computing formula wherein between leader cluster node and other leader cluster nodes is such as Under：

Wherein P_chOther leader cluster nodes n " broadcast signal strength that (x, n ") receives for leader cluster node x；

Wherein p_{ch_ave}X other leader cluster nodes average leader cluster node broadcast signal strength that () receives for leader cluster node x；

Wherein dis_ch2bs(n ") is other leader cluster nodes n " with the distance of base station；

Wherein dis_ave2bsAverage distance for all nodes and base station；

Wherein E_ch(n ") be other leader cluster nodes n " dump energy；

Wherein E_ave' for other all leader cluster nodes average leader cluster node dump energy；

Additionally, α₁、α₂、α₃For weighting parameter, and meet α₁+α₂+α₃=1；

Cluster head relative importance value between each leader cluster node and other leader cluster nodes is calculated by above formula, then select with Between it, other maximum leader cluster nodes of cluster head relative importance value are as monitoring leader cluster node.

The present invention has such advantages as with respect to prior art and effect：

(1) wireless sensor network routing method of the present invention is to realize on based on LEACH agreement, in the inventive method Base station periodically updates security control information, has ensured the robustness of key mechanism.In addition the inventive method is in the cluster stage Node selects optimum leader cluster node to carry out, into cluster, after election leader cluster node, choosing an optimum for each leader cluster node Leader cluster node sends test data to monitored cluster head section as monitoring leader cluster node, the monitoring leader cluster node with dual identity Point, then sent to base station by monitored leader cluster node, monitoring leader cluster node sends and follows the trail of packet to base station simultaneously, wherein follows the trail of Packet is one kind tracking to test data bag, and base station receives test data bag and detects the right of them after following the trail of packet Should be related to, to detect that network whether there is the aggressive behaviors such as packet loss；Wireless sensor network is enable effectively to resist multiple attacking Hit, therefore the inventive method improves the safety of wireless sensor network and reduces the power consumption of system simultaneously.The inventive method The security control information of middle base station broadcast includes a random number, carries wide in certification when leader cluster node sends data to base station The random number that the random number that the stage of broadcasting receives, the random number that base station is broadcasted and leader cluster node send is contrasted, to test Whether card is consistent, thus realizing the link authentication between leader cluster node and base station, further increases the safety of data transfer.

(2) the inventive method is when cluster stage leader cluster node is elected, using residue energy of node, node and base station as choosing Lift according to so that node more than current remaining and and the node near with base station distance to be elected to cluster head probability larger. Consider the distance of residual energy energy, leader cluster node and base station and the cluster head of leader cluster node when optimum leader cluster node is chosen simultaneously Node and the distance of ordinary node, can effectively reduce the power consumption of system, and select most suitable leader cluster node and optimum Leader cluster node.

(3), in the inventive method, the network master key chain of base station stored is hash chain, and base station is in radio network master key chain When consider the backward security of key, after will be unable to be inferred to according to the key of previous round, the key of a wheel is so that network The current wheel secondary key that interior joint cannot be grasped because of itself deduces next round key, further increases the safety of system Property.

(4) in the inventive method, leader cluster node broadcast cluster head information include a random number, ordinary node enter cluster when Wait and its random number receiving in leader cluster node broadcast phase is sent to leader cluster node, the random number that leader cluster node is broadcasted The random number sending with ordinary node is contrasted, consistent to verify whether, thus realizing between ordinary node and leader cluster node The certification of link；Meanwhile, monitoring leader cluster node, when entering the monitored leader cluster node of cluster, returns it and connects in leader cluster node broadcast phase The random number receiving, it is right that the random number that the random number that monitored leader cluster node is broadcasted is sent with monitoring leader cluster node is carried out Ratio is consistent to verify whether, thus realizing monitoring the certification of link between leader cluster node and monitored leader cluster node.Carry further High safety in data transfer for the inventive method.

(5), in the inventive method, packet that ordinary node transmits to leader cluster node, monitoring leader cluster node are to monitored cluster The packet of head node transmission and the packet that transmit to base station of leader cluster node are through encryption and interpolation message authentication Packet after code, wherein each node is all connected with, when generating cipher-text information, the random number that a node generates, to ensure ciphertext Information can resist known ciphertext only attack.

(6) risen for LEACH protocol construction using the symmetric key mechanisms based on predistribution mode in the inventive method a set of Complete key management system, updates network master key, node blacklist and node key by periodic, ensures entirely close The safety of key system.Additionally, the mechanism such as message authentication, link authentication have been merged on key management mechanism, these lightweights The application of security mechanism has played a more healthy and strong reliable security defensive system for LEACH protocol construction.

Brief description

Fig. 1 is the inventive method flow chart.

Fig. 2 is residue of network organization energy diagram in the inventive method.

Fig. 3 is the inventive method interior joint existing state schematic diagram.

Fig. 4 is certain monitoring TEST bag of leader cluster node and the base station reception amount of TRACE bag.

Specific embodiment

With reference to embodiment and accompanying drawing, the present invention is described in further detail, but embodiments of the present invention do not limit In this.

Embodiment

As shown in figure 1, a kind of wireless sensor network routing method based on LEACH agreement in the present embodiment, step is such as Under：

The all nodes of S1, the whole network carry out initialization deployment；Wherein initialization deployment includes generation, the whole network of base station key chain The distribution of node identification and the storage of symmetric-key security algorithm.

S2, entrance certification broadcast phase：Base station includes the number of security control information to the whole network broadcast base station to the whole network broadcast According to and periodically update security control information, this security control information includes a random number, and node is getting base station After the security control information of broadcast, the correctness of this security control information is verified, to currently stored after having verified Security control information is updated；Certification broadcast phase enters step S3 after terminating；In the present embodiment method, base station is to the whole network The security control information of broadcast includes network master key and node blacklist；Base station is derived from base to the network master key that the whole network is broadcasted Stand storage network master key chain.The so-called periodic renewal security control information of this step updates peace in each wheel broadcast Full control information.

S3, entrance cluster stage：All nodes run cluster head election algorithm, after completing election of cluster head, elected leader cluster node To the whole network broadcast message, all ordinary nodes, after the broadcast message receiving multichannel leader cluster node, select optimum leader cluster node Carry out into cluster；Meanwhile, the leader cluster node broadcast message that each leader cluster node receives according to it, chooses optimum leader cluster node as it Monitoring leader cluster node, and to monitoring leader cluster node send ask into cluster information so that monitor leader cluster node enter cluster to be monitored Leader cluster node place cluster；In addition leader cluster node creates TDMA timetable and generates cluster key, and when distributing TDMA in cluster Between table and cluster key.

The stable data transfer phase of S4, entrance：All ordinary nodes are to obtain the tdma slot in its affiliated cluster laggard The transmission of row data, transfers data to the cluster head of its place cluster；Monitoring leader cluster node gets its monitored cluster head section simultaneously After the time slot of point place cluster, transmitting test data bag to its monitored leader cluster node, and transmit tracking data bag to base station；Cluster Verified after the data that head node receives in cluster and checked its integer, after collecting all valid data, by data with And send base station to after the random number that certification broadcast phase receives is packed, random number and cluster head that base station is broadcasted The random number that node sends is contrasted, consistent to verify whether, if the link adopted unanimously between leader cluster node and base station is recognized Card.

In the present embodiment said method, base station periodically updates security control information, has ensured the robust of key mechanism Property.The present embodiment method conducts an election in the cluster stage after leader cluster node, chooses an optimum cluster for each leader cluster node Head node sends test data to monitored cluster head section as monitoring leader cluster node, the monitoring leader cluster node with dual identity Point, then sent to base station by monitored leader cluster node, monitoring leader cluster node sends and follows the trail of packet to base station simultaneously, wherein follows the trail of Packet is one kind tracking to test data bag, and base station receives test data bag and detects the right of them after following the trail of packet Should be related to, to detect that network whether there is the aggressive behaviors such as packet loss；Wireless sensor network is enable effectively to resist multiple attacking Hit, improve the safety of wireless sensor network.The security control information of wherein base station broadcast includes a random number, works as cluster Head node sends data to and carries the random number receiving in certification broadcast phase during base station, the random number that base station is broadcasted and The random number that leader cluster node sends is contrasted, consistent to verify whether, thus realizing the link between leader cluster node and base station Certification, further increases the safety of data transfer.

In the present embodiment step S2, the network master key chain of base station stored is hash chain, and base station is in radio network master key chain When consider the backward security of key, after will be unable to be inferred to according to the key of previous round, the key of a wheel is so that network The current wheel secondary key that interior joint cannot be grasped because of itself deduces next round key, further increases the safety of system Property.Base station periodically updates network master key and node blacklist in each wheel, if node blacklist does not change, Will be without broadcast node blacklist during next round.Fixed to the node of leader cluster node by sending deficiency of data bag wherein in step S4 Justice is doubtful malicious node, when node is sent to the deficiency of data bag number of times accounting of leader cluster node more than f%, by this node It is defined as blacklist, and node black list information is sent to by base station by leader cluster node, base station more new node black list information.? In the present embodiment, f is 5%.

In the present embodiment, the network master key chain of base station stored is：

K₁,K₂,...,K_m-1,K_m；

Wherein m is the number of network master key in network master key chain；Network master key chain meets following relation：

K₁=HASH (K₂)

K₂=HASH (K₃)；

......

K_m-1=HASH (K_m)

When base station is to the whole network broadcast safe control information, the first round is to the whole network radio network master key K₁, second takes turns to complete Net radio network master key K₂, the like, take turns to the whole network radio network master key K in m_m；

In the present embodiment step S2, base station needs to be encrypted to the data that the whole network is broadcasted, base station in the present embodiment Each data msg taken turns to the whole network broadcast_iFor：

Wherein badList is node blacklist, K_iThe network master key broadcasted to the whole network for the i-th wheel base station,For base Stand in the random number that the i-th wheel generates；

The data that base station is broadcasted to the whole network is broadcasted after encryption, and the data of concrete broadcast is：

WhereinIt is the msg to be sent to base station using the RC5 AES under CBC pattern_i The encryption of cleartext information row obtains cipher-text information；WhereinFor generate based on MD5'sThe message authentication code of cipher-text information, specifically, this message authentication code is numerically equal to close Calculated MD5 value after civilian message and network master key splicing.Represent that base station is broadcasted to the whole network.

In the present embodiment step S2, all nodes after getting the network master key of base station broadcast, using the Kazakhstan prestoring Uncommon function verifies the correctness of network master key, confirms that the network master key receiving is rationally effective, if wherein node obtains The network master key got meets below equation then it is assumed that the network master key getting is correct：

K_i-1=HASH (K_i)；

Wherein K_iFor node in the i-th wheel i.e. when front-wheel broadcast gets network master key, K_i-1For node in the i-th -1 wheel it is Previous round broadcast gets network master key.

The security control information of the present embodiment step S2 interior joint storage includes node key and blacklist list, and node exists After having verified the correctness of network master key, according to the network master key that it receives, its node key is entered by below equation Row updates：

WhereinNode key before updating for node j i-th wheel, i.e. the node key of the i-th -1 wheel storage, wherein The node key obtaining after the i-th wheel updates for node j, K_iTake turns the network master key of broadcast for base station broadcast i-th, that is, node exists I-th wheel gets network master key, id_jIdentity marks for node j；Wherein set J is the collection of all nodes in network Close；

In the present embodiment step S3 after node x is elected as leader cluster node, the network master key that will be received according to it Generate with the identity marks of node with the cluster key from the current cluster as cluster head：

WhereinThe cluster key generating for leader cluster node x i-th wheel, K_iClose for the network master of base station broadcast i-th wheel broadcast Key, id_xFor the identity marks of leader cluster node x, nodes X is leader cluster node set, wherein X ∈ J in network；

In the present embodiment, leader cluster node x i-th takes turns and includes cluster head information ADV_CH to the information of the whole network broadcast_xAnd random numberWherein leader cluster node x i-th takes turns and to the information of the whole network broadcast is：

Above- mentioned information is only broadcasted, specially for after encryption：

WhereinThe base station counter value of the whole network nodes sharing producing for the i-th wheel base station counter；It is using the RC5 AES pair under CBC patternCleartext information is encrypted and obtains ciphertext Information；For generating based on MD5'sCipher-text information Message authentication code, specifically, this Message Authentication Code is numerically equal to cipher-text informationClose with node Calculated MD5 value after key splicing；Represent that leader cluster node x i-th takes turns to the whole network broadcast.

In the present embodiment step S3 ordinary node send when entering cluster its leader cluster node broadcast phase receive random Number, leader cluster node verifies whether the random number of its broadcast is consistent with the random number that ordinary node sends, if unanimously, link authentication Complete.

In the present embodiment step S3, monitoring leader cluster node, when entering the monitored leader cluster node of cluster, sends it wide in leader cluster node The random number that the stage of broadcasting receives, monitored leader cluster node verifies that the random number of its broadcast is random with what monitoring leader cluster node sent Whether number is consistent, if unanimously, link authentication completes.

Link between above-mentioned ordinary node and leader cluster node and between monitoring leader cluster node and monitored leader cluster node Certification further increases safety in data transfer for the present embodiment method.

In described step S3 after cluster stage election of cluster head, elected leader cluster node generates cluster key.

Adopt before in the present embodiment step S4, ordinary node y carries out data transmission after obtaining the time slot in its affiliated cluster RC5 AES under CBC pattern is encrypted, and detailed process is as follows：

Carry out the encryption of data initially with node key, simultaneously incidentally message authentication code, obtain packet

Wherein msg_yFor ordinary node y data to be transmitted, i.e. cleartext information；For ordinary node y in the i-th node taken turns Counter Value, is the remainder sum of base station counter value radix and node counter, as the initial vector of block encryption, wherein remaining Number works as front-wheel data packet count value for node；The random number that ordinary node y generates in the i-th wheel；I is when front-wheel number,For Ordinary node y is in the node key of the i-th wheel；Wherein Y is ordinary node set, wherein Y ∈ J in network；X∪ Y=J；

WhereinIt is to msg using the RC5 AES under CBC pattern_yAnd random numberThe cleartext information of composition is encrypted and obtains cipher-text information；

WhereinFor the cipher-text information based on MD5 generatingMessage authentication code, specifically, this message authentication code is numerically equal to cipher-text informationCalculated MD5 value after splicing with node key, then by MD5 value and node counts The remainder of device value is spliced；

Then it is directed to packetEncrypted again, obtained packet

WhereinThe cluster key generating by the leader cluster node x of the entered cluster of ordinary node y,For base station counter i-th The Counter Value of the whole network nodes sharing that wheel produces；

WhereinFor the cipher-text information based on MD5 generatingMessage authentication code, specifically, this message authentication code is numerically equal to cipher-text informationWith calculated MD5 value after node key splicing.

Finally by the above-mentioned packet encrypted again and obtainAnd the remainder of node counter sends ordinary node to The leader cluster node of place cluster, is then forwarded to base station by leader cluster node.

In the present embodiment step S4, monitoring leader cluster node z passes after getting the time slot of its monitored leader cluster node z ' place cluster To its monitored leader cluster node, this test data bag adopts the RC5 encryption under CBC pattern to calculate to defeated test data bag before being transmitted Method is encrypted, and detailed process is as follows：

Carry out the encryption of data initially with leader cluster node key, simultaneously incidentally message authentication code, obtain packet

It is whereinTake turns test data bag to be sent for monitoring leader cluster node z i-th,For monitoring cluster head The random number that node z i-th wheel generates,Node counter value for monitoring leader cluster node z i-th wheel；For monitoring cluster head The node key of node z i-th wheel；

It is using the RC5 AES pair under CBC patternWith Random numberThe cleartext information of composition is encrypted and obtains cipher-text information；

WhereinFor generating the ciphertext letter based on MD5 BreathMessage authentication code；Specifically, this Message Authentication Code is numerically equal to cipher-text informationCalculated MD5 value after splicing with node key, then by MD5 value and leader cluster node enumerator The remainder of value is spliced；

Then it is directed to packetEncrypted again, obtained：

WhereinThe cluster key generating for monitored leader cluster node z '；

Finally the above-mentioned packet obtaining of encrypting again is transferred to monitored leader cluster node by monitoring leader cluster node：

In described step S4, monitoring leader cluster node is transferred to the tracking packet of base station before being transmitted using under CBC pattern RC5 AES and be encrypted, detailed process is as follows：Carry out the encryption of data using its leader cluster node key, send simultaneously Band message authentication code, obtains packet

It is whereinFor following the trail of packet,The random number generating for monitoring leader cluster node z i-th wheel,Node counter value for monitoring leader cluster node z i-th wheel；Node key for monitoring leader cluster node z i-th wheel；

WhereinIt is to tracking using the RC5 AES under CBC pattern PacketAnd random numberThe cleartext information of composition is encrypted and obtains cipher-text information；

WhereinFor the ciphertext based on MD5 generating InformationMessage authentication code, specifically, this message authentication code is numerically etc. In cipher-text informationCalculated MD5 value after splicing with node key, then The remainder of MD5 value and node counter value is spliced.

In step S4 described in the present embodiment, leader cluster node is verified when receiving the packet of cluster interior nodes transmission, then Packet is decrypted, the packet after being deciphered：

WhereinIt is sent to the packet of leader cluster node for node j i-th wheel,Take turns for base station counter i-th and produce The Counter Value of raw the whole network nodes sharing；K_ch-jThe cluster key generating in the i-th wheel place cluster for leader cluster node x；Cluster Packet after the i-th wheel deciphering for the head node x；

Then the packet plaintext that the i-th wheel is received by leader cluster nodeThe identity marks information of leader cluster node x id_x, leader cluster node x i-th wheel generate random numberAnd base station generates random number in the i-th wheelCarry out after packing Compression processes and obtains packet

Furthermore by packetObtained using the RC5 AES encryption under CBC pattern：

WhereinNode counter value for leader cluster node x i-th wheel；

Finally the data after above-mentioned encryption is sent to base station.

From the foregoing, the packet that in the present embodiment method, ordinary node transmits to leader cluster node, monitoring leader cluster node The packet transmitting to base station to packet and the leader cluster node of the transmission of monitored leader cluster node is through encrypting and adding Plus the packet after message authentication code, wherein each node random number that one node of connection generates when generating cipher-text information, with Ensure that cipher-text information can resist known ciphertext only attack.

In the present embodiment step S3, the threshold formula of the cluster head election algorithm that each node runs is：

Wherein p is leader cluster node accounting, r is when front-wheel number, G are in the set of node not also being elected as leader cluster node when front-wheel Close；E_curN () is node n current remaining, E_aveIt is as the average residual energy of all surviving node of front-wheel, dis_toBS(n) For the distance of node n and base station, dis_ave2bsFor the average distance of all nodes and base station, λ₁、λ₂For weights coefficient, and there is λ₁+ λ₂=1.

In the present embodiment step S3, each ordinary node according to it, select by the cluster head relative importance value and each leader cluster node between Excellent leader cluster node carries out into cluster, and wherein between ordinary node and leader cluster node, cluster head relative importance value computing formula is as follows：

Wherein optDeg (y, x) is the cluster head relative importance value between ordinary node y and leader cluster node；

Wherein P_chThe leader cluster node x broadcast signal strength that (y, x) receives for ordinary node y；

Wherein p_{ch_ave}Y average leader cluster node broadcast signal strength that () receives for ordinary node y；

Wherein dis_ch2bsX () is the distance of leader cluster node x and base station；

Wherein dis_ave2bsAverage distance for all nodes and base station；

Wherein E_chX () is the dump energy of leader cluster node x；

Wherein E_aveFor average leader cluster node dump energy；

Additionally, η₁、η₂、η₃For weighting parameter, and meet η₁+η₂+η₃=1；

Wherein Y is the set of ordinary node in network, and X is the set of leader cluster node in network；

Cluster head relative importance value between ordinary node and each leader cluster node is calculated by above formula, then select with its it Between the maximum leader cluster node of cluster head relative importance value send request into clusters as optimum leader cluster node, then to optimum leader cluster node：

WhereinThe solicited message sending for ordinary node y i-th wheel, including the request into clusters information of the i-th wheelThe random number generating with the i-th wheel

WhereinIt is using the RC5 AES pair under CBC patternCleartext information It is encrypted and obtain cipher-text information；

WhereinThe cipher-text information based on MD5 generatingMessage authentication code；SN_y→CH_m:Represent that ordinary node y transmits into cluster to optimum leader cluster node m Request；

In described step S3, each leader cluster node chooses optimum cluster according to the cluster head relative importance value between itself and other leader cluster node Head node monitors leader cluster node as it, and the cluster head relative importance value computing formula wherein between leader cluster node and other leader cluster nodes is such as Under：

Wherein optDeg (x, n ") is the cluster head relative importance value between leader cluster node x and other leader cluster nodes；

Wherein P_chOther leader cluster nodes n " broadcast signal strength that (x, n ") receives for leader cluster node x；

Wherein p_{ch_ave}X other leader cluster nodes average leader cluster node broadcast signal strength that () receives for leader cluster node x；

Wherein dis_ch2bs(n ") is other leader cluster nodes n " with the distance of base station；

Wherein dis_ave2bsAverage distance for all nodes and base station；

Wherein E_ch(n ") be other leader cluster nodes n " dump energy；

Wherein E_ave' for other all leader cluster nodes average leader cluster node dump energy；

Additionally, α₁、α₂、α₃For weighting parameter, and meet α₁+α₂+α₃=1；

Cluster head relative importance value between each leader cluster node and other leader cluster nodes is calculated by above formula, then select with Between it, other maximum leader cluster nodes of cluster head relative importance value are as monitoring leader cluster node.

Assume the cluster formation stages in a certain wheel, node A, B, C, D are elected as leader cluster node.The prison of leader cluster node A Controlling cluster-head node selection strategy is：Leader cluster node A also can receive the cluster head of leader cluster node B, C, D while broadcasting cluster head information Broadcast, leader cluster node A, after the cluster head relative importance value optDeg calculating the cluster head broadcast that leader cluster node B, C, D send, selects The maximum cluster head of optDeg data is as the monitoring cluster head of leader cluster node A, such as leader cluster node B.Then, leader cluster node A sends out to B Send and ask into cluster message package BEG_JOIN, the effect of this message package is that request leader cluster node B is added in the cluster of leader cluster node A, Member node as leader cluster node A：

WhereinThe random number generating in the i-th wheel for leader cluster node A,For leader cluster node A The request sending enters cluster information, CH_A→CH_BRepresent that leader cluster node A sends request to leader cluster node B.

WhereinIt is to tracking packet using the RC5 AES under CBC pattern Cleartext information is encrypted and obtains cipher-text information；

WhereinFor the cipher-text information based on MD5 generatingMessage authentication code；

Leader cluster node B after receiving the request bag that leader cluster node A sends, after the reliability of certification message, to leader cluster node A Send request into clusters：

WhereinThe request into clusters information sending for leader cluster node B, CH_B→CH_ARepresent that B sends to A Request.

WhereinIt is to tracking packet using the RC5 AES under CBC patternBright Civilian information is encrypted and obtains cipher-text information；

WhereinFor the cipher-text information based on MD5 generatingMessage authentication code；

Leader cluster node A is receiving the request into clusters of leader cluster node B, and after completing relevant authentication, leader cluster node A is monitored with it The corresponding relation of leader cluster node B is also just set up.

From the foregoing, the present embodiment method is when cluster stage leader cluster node is elected, by residue energy of node, node with Base station as election according to so that node more than current remaining and and the node near with base station distance be elected to cluster head probability Larger.Consider when optimum leader cluster node is chosen simultaneously the residual energy energy of leader cluster node, leader cluster node and base station away from From and leader cluster node and ordinary node with a distance from, can effectively reduce the power consumption of system, and select most suitable cluster head Node and optimum leader cluster node.

In the present embodiment when wireless sensor network is for scene as shown in table 1, then weights in the present embodiment said method Parameter lambda₁For 0.8, λ₂For 0.2, η₁For 0.7, η₂For 0.2, η₃For 0.1, α₁For 0.7, α₂For 0.2, α₃For 0.1；

Table 1

Parameter type	Numerical value
		Simulated scenario size	100m x 100m
Node number	100
		Base station location	(50,175)
Start node energy	2J
		Dwell time is forced in emulation	3600s
Expect leader cluster node accounting	5%
		Leader cluster node size of data	25bytes
Message packets size	500bytes
		Radio-circuit transmission consumes	5e-9j/bit
Radio-circuit is run and is consumed	50e-9j
		Free space model amplifier multiple	10pj/bit/m4
Multichannel attenuation model amplifier multiple	0.0013pj/bit/m2
		Data fusion energy expenditure	5e-9j/bit/signal
Time stabilization sub stage accounting	95%

It is illustrated in figure 2 wireless sensor network in above-mentioned table 1 scene lower network dump energy schematic diagram.As shown in Figure 2 For wireless sensor network in above-mentioned table 1 scene lower node existing state schematic diagram." secure-leach " curve is not low The performance curve of the improvements in security agreement under power dissipation design strategy scenarios is it is seen then that when the introducing of security mechanism makes system survival Between reduce 19.8%." leach-lpsi " though curve be have low power dissipation design strategy improvements in security agreement it can be seen that So all multiple securities mechanisms of the present embodiment method make network entirety energy consumption aggravation, but due to employing the design plan of low-power consumption Slightly, there are many raisings in terms of energy-conservation, and exceeded the level of LEACH agreement.It is illustrated in figure 4 under above-mentioned table 1 scene, Certain monitoring TEST bag of leader cluster node and the base station reception amount of TRACE bag.Base station is according to the corresponding feelings of TRACE bag and TEST bag Condition, determines this cluster head and has packet loss attack suspicion, and alert, further notifies the whole network.It can be seen that, the present embodiment Method in addition to there is Prevention-Security ability, also to malicious cluster heads node initiate Tampering attack, packet loss attack have certain Attack detecting ability.

The present embodiment has merged a series of security mechanism of lightweights based on the improved method for routing of LEACH agreement, possesses Certain Prevention-Security and attack detecting ability.The method has effective defensive ability/resistance ability to external attack, and external attacker does not have There is legal identity information, also there is no the key parameter of network it is impossible to damage to the confidentiality of network simultaneously.The method pair Replay Attack that the person of internaling attack starts, Tampering attack, packet loss attack, known ciphertext only attack etc. also have effective Prevention-Security Power of test.The layout strategy of low-power consumption reduces network energy consumption, extends network survival time, has substantially achieved LEACH The energy consumption level of agreement.

Above-described embodiment is the present invention preferably embodiment, but embodiments of the present invention are not subject to above-described embodiment Limit, other any spirit without departing from the present invention and the change made under principle, modification, replacement, combine, simplify, All should be equivalent substitute mode, be included within protection scope of the present invention.

Claims (10)

1. a kind of wireless sensor network routing method based on LEACH agreement is it is characterised in that step is as follows：

The all nodes of S1, the whole network carry out initialization deployment；

S2, entrance certification broadcast phase：Base station includes the data of security control information and periodically updates to the whole network broadcast Security control information, this security control information includes a random number, and each node is believed in the security control getting base station broadcast After breath, the correctness of this security control information is verified, after having verified, currently stored security control information is carried out Update；Certification broadcast phase enters step S3 after terminating；

S3, entrance cluster stage：All nodes run cluster head election algorithms, and after completing election of cluster head, elected leader cluster node is to complete Net broadcast message, all ordinary nodes, after the broadcast message receiving multichannel leader cluster node, select optimum leader cluster node to carry out Enter cluster；Meanwhile, the leader cluster node broadcast message that each leader cluster node receives according to it, chooses optimum leader cluster node and monitors as it Leader cluster node, and ask into cluster information so that monitoring leader cluster node to enter cluster to monitored cluster head to monitoring leader cluster node transmission Node place cluster；

The stable data transfer phase of S4, entrance：All ordinary nodes carry out data after obtaining the time slot in its affiliated cluster Transmission, transfers data to the cluster head of its place cluster；Monitoring leader cluster node gets its monitored leader cluster node place cluster simultaneously Time slot after, transmitting test data bag is to its monitored leader cluster node, and transmits tracking data bag to base station；Leader cluster node connects Verified after receiving the data in cluster and checked its integrity, after collecting all valid data, by data and recognizing The random number that card broadcast phase receives sends base station to after being packed, and the random number that base station is broadcasted and leader cluster node are sent out The random number sending is contrasted, consistent to verify whether, if adopting the link authentication between leader cluster node and base station unanimously.

2. the wireless sensor network routing method based on LEACH agreement according to claim 1 is it is characterised in that institute State generation, the distribution of the whole network node identification and the symmetric-key security algorithm that initialization deployment in step S1 includes base station key chain Storage.

3. the wireless sensor network routing method based on LEACH agreement according to claim 1 is it is characterised in that institute State the security control information that in step S2, base station is broadcasted to the whole network and include network master key and node blacklist；Base station is wide to the whole network The network master key broadcast is derived from the network master key chain of base station stored；The network master key chain of wherein base station stored is hash chain； Base station periodically updates network master key and node blacklist in each wheel, if node blacklist does not change, under Will be without broadcast node blacklist during one wheel；

In described step S4 by send deficiency of data bag to leader cluster node node definition be doubtful malicious node, when node is sent out When the deficiency of data bag number of times accounting giving leader cluster node is more than f%, this node definition is blacklist, and by leader cluster node Node black list information is sent to base station, base station more new node black list information.

4. the wireless sensor network routing method based on LEACH agreement according to claim 3 is it is characterised in that base Stand storage network master key chain be：

K₁,K₂,...,K_m-1,K_m；

Wherein m is the number of network master key in network master key chain；Network master key chain meets following relation：

K₁=HASH (K₂)

K₂=HASH (K₃)

......

K_m-1=HASH (K_m)

When base station is to the whole network broadcast safe control information, the first round is to the whole network radio network master key K₁, second takes turns to the whole network broadcast Network master key K₂, the like, take turns to the whole network radio network master key K in m_m；

In this step, base station needs to be encrypted to the data that the whole network is broadcasted, and base station is each in the present embodiment takes turns to the whole network Data msg of broadcast_iFor：

${\mathrm{msg}}_i=badList\left|K_i\right|N_{bs}^i;$

Wherein badList is node blacklist, K_iThe network master key broadcasted to the whole network for the i-th wheel base station,For base station The random number that i wheel generates；

The data that base station is broadcasted to the whole network is broadcasted after encryption, and the data of concrete broadcast is：

$BS\⇒*:\left\{{\mathrm{msg}}_i\right\}(K_{i-1},C_{bs}^i)|MAC\left(K_{i-1}\right|\left\{{\mathrm{msg}}_i\right\}\left(K_{i-1},C_{bs}^i\right));$

WhereinIt is the msg to be sent to base station using the RC5 AES under CBC pattern_iIn plain text The encryption of information row obtains cipher-text information；WhereinFor generating based on MD5'sThe message authentication code of cipher-text information, specifically, this message authentication code is numerically equal to ciphertext and disappears Calculated MD5 value after breath and network master key splicing；Represent that base station is broadcasted to the whole network；

In described step S2, all nodes, after getting the network master key of base station broadcast, are tested using the hash function prestoring The correctness of card network master key, confirms that the network master key receiving is rationally effective, if the net that wherein node gets Network master key meets below equation then it is assumed that the network master key getting is correct：

K_i-1=HASH (K_i)；

Wherein K_iFor node in the i-th wheel i.e. when front-wheel broadcast gets network master key, K_i-1It is previous round for node in the i-th -1 wheel Broadcast gets network master key.

5. the wireless sensor network routing method based on LEACH agreement according to claim 1 is it is characterised in that institute The security control information stating the storage of step S2 interior joint includes node key and blacklist list, and node is to have verified network master close After the correctness of key, according to the network master key that it receives, its node key is updated by below equation：

$K_j^i=(K_j^{i-1}\⊕{\mathrm{id}}_j)\⊕K_i,j\∈J;$

WhereinNode key before updating for node j i-th wheel, i.e. the node key of the i-th -1 wheel storage, whereinFor section The node key that point j obtains after the i-th wheel updates, K_iFor the network master key of base station broadcast i-th wheel broadcast, that is, node is i-th Wheel gets network master key, id_jIdentity marks for node j；Wherein J is the set of all nodes in network；

In described step S3 after node x is elected as leader cluster node, by the network master key being received according to it and node Identity marks generate with the cluster key from the current cluster as cluster head：

$K_{ch-x}^i=K_i\⊕{\mathrm{id}}_x,x\∈X;$

WhereinThe cluster key generating for leader cluster node x i-th wheel, K_iThe network master key broadcasted for base station broadcast i-th wheel, id_xFor the identity marks of leader cluster node x, X is leader cluster node set, wherein X ∈ J in network；

In this step, leader cluster node x i-th takes turns and includes cluster head information ADV_CH to the information of the whole network broadcast_xAnd random number Wherein leader cluster node x i-th takes turns and to the information of the whole network broadcast is：

${\mathrm{msg}}_x^i=ADV\_{\mathrm{CH}}_x|N_{ch-x}^i;$

Above- mentioned information is only broadcasted, specially for after encryption：

${\mathrm{CH}}_j^i\⇒*:\left\{{\mathrm{msg}}_x^i\right\}\left(K_i,C_{bs}^i\right)|MAC\left(K_i|\left\{{\mathrm{msg}}_x^i\right\}\left(K_i,C_{bs}^i\right)\right)$

WhereinThe base station counter value of the whole network nodes sharing producing for the i-th wheel base station counter； It is using the RC5 AES pair under CBC patternCleartext information is encrypted and obtains cipher-text information；For generating based on MD5'sThe disappearing of cipher-text information Breath authentication code, specifically, this Message Authentication Code is numerically equal to cipher-text informationWith node key Calculated MD5 value after splicing；Represent that leader cluster node x i-th takes turns to the whole network broadcast；

Ordinary node sends the random number that it receives in leader cluster node broadcast phase when entering cluster, and leader cluster node verifies its broadcast Random number whether consistent with the random number that ordinary node sends, if unanimously, link authentication completes；

In described step S3, monitoring leader cluster node, when entering the monitored leader cluster node of cluster, sends it and connects in leader cluster node broadcast phase The random number receiving, monitored leader cluster node verifies random number that the random number of its broadcast sent whether with monitoring leader cluster node Cause, if unanimously, link authentication completes；

In described step S3 after cluster stage election of cluster head, elected leader cluster node generates cluster key.

6. the wireless sensor network routing method based on LEACH agreement according to claim 5 is it is characterised in that institute State the RC5 adopting before ordinary node y carries out data transmission after obtaining the time slot in its affiliated cluster in step S4 under CBC pattern AES is encrypted formula, and detailed process is as follows：

Carry out the encryption of data initially with node key, simultaneously incidentally message authentication code, obtain packet

$\begin{array}{c}{\mathrm{Msg}}_y^i=\left\{{\mathrm{msg}}_y\right|N_y^i\left\}(K_y^i,C_y^i)\right|MAC\left(K_y^i\right|\left\{{\mathrm{msg}}_y\right|N_y^i\left\}\right(K_y^i,C_y^i\left)\right),\\ y\∈Y;\end{array}$

Wherein msg_yFor ordinary node y data to be transmitted, i.e. cleartext information；For ordinary node y in the i-th node counts taken turns Device value, is the remainder sum of base station counter value radix and node counter, as the initial vector of block encryption, wherein remainder is Node works as front-wheel data packet count value；The random number that ordinary node y generates in the i-th wheel；I is when front-wheel number,For common Node y is in the node key of the i-th wheel；Wherein Y is ordinary node set, wherein Y ∈ J in network；X ∪ Y= J；

WhereinIt is to msg using the RC5 AES under CBC pattern_yAnd random numberThe cleartext information of composition is encrypted and obtains cipher-text information；

WhereinFor the cipher-text information based on MD5 generatingMessage authentication code, specifically, this message authentication code is numerically equal to cipher-text informationCalculated MD5 value after splicing with node key, then by MD5 value and node counts The remainder of device value is spliced；

Then it is directed to packetEncrypted again, obtained packet

${\mathrm{MSG}}_y^i=\left\{{\mathrm{Msg}}_y^i\right\}(K_{ch-j},C_{bs}^i)|MAC\left(K_{ch-x}^i\right|\left\{{\mathrm{Msg}}_y^i\right\}\left(K_{ch-x}^i,C_{bs}^i\right));$

WhereinThe cluster key generating by the leader cluster node x of the entered cluster of ordinary node y,Take turns for base station counter i-th and produce The Counter Value of raw the whole network nodes sharing；

WhereinFor the cipher-text information based on MD5 generatingMessage authentication code, specifically, this message authentication code is numerically equal to cipher-text informationWith calculated MD5 value after node key splicing；

Finally by the above-mentioned packet encrypted again and obtainAnd the remainder of node counter sends ordinary node to and is located The leader cluster node of cluster, is then forwarded to base station by leader cluster node.

7. the wireless sensor network routing method based on LEACH agreement according to claim 5 it is characterised in that

In described step S4, monitoring leader cluster node z gets transmission test number after the time slot of its monitored leader cluster node z ' place cluster According to bag to its monitored leader cluster node, this test data bag carries out adding using the RC5 AES under CBC pattern before being transmitted Close, detailed process is as follows：

Carry out the encryption of data initially with leader cluster node key, simultaneously incidentally message authentication code, obtain packet

$\begin{array}{c}{\mathrm{msg}}_z^i=\left\{{\mathrm{TEST}}_z^i\right|N_{ch-z}^i\left\}(K_z^i,C_{ch-z}^i)\right|MAC\left(K_z^i\right|\left\{{\mathrm{TEST}}_z^i\right|N_{ch-z}^i\left\}\right(K_z^i,C_{ch-z}^i\left)\right);\\ z\∈X;\end{array}$

It is whereinTake turns test data bag to be sent for monitoring leader cluster node z i-th,For monitoring leader cluster node z The random number that i-th wheel generates,Node counter value for monitoring leader cluster node z i-th wheel；For monitoring leader cluster node z The node key of the i-th wheel；

It is using the RC5 AES pair under CBC patternWith random NumberThe cleartext information of composition is encrypted and obtains cipher-text information；

WhereinFor the cipher-text information based on MD5 generatingMessage authentication code；Specifically, this Message Authentication Code is numerically equal to cipher-text informationCalculated MD5 value after splicing with node key, then by MD5 value and leader cluster node enumerator The remainder of value is spliced；

Then it is directed to packetEncrypted again, obtained：

$\begin{array}{c}\left\{{\mathrm{msg}}_z^i\right\}(K_{ch-z^{\′}}^i,C_{bs}^i)|MAC\left(K_{ch-j}^{\′}\right|\left\{{\mathrm{msg}}_z^i\right\}\left(K_{ch-i}^{\′},C_{bs}^i\right));\\ z^{\′}\∈X;\end{array}$

WhereinThe cluster key generating for monitored leader cluster node z '；

Finally the above-mentioned packet obtaining of encrypting again is transferred to monitored leader cluster node by monitoring leader cluster node：

In described step S4, monitoring leader cluster node is transferred to the tracking packet of base station before being transmitted using under CBC pattern RC5 AES is encrypted, and detailed process is as follows：Carry out the encryption of data using its leader cluster node key, incidentally disappear simultaneously Breath authentication code, obtains packet

${\mathrm{msg}}_z^{\′i}=\left\{{\mathrm{TRACE}}_z^i\right|N_{ch-z}^i\left\}(K_z^i,C_{ch-z}^i)\right|MAC\left(K_z^i\right|\left\{{\mathrm{TRACE}}_z^i\right|N_{ch-z}^i\left\}\right(K_z^i,C_{ch-z}^i\left)\right);$

It is whereinFor following the trail of packet,The random number generating for monitoring leader cluster node z i-th wheel, Node counter value for monitoring leader cluster node z i-th wheel；Node key for monitoring leader cluster node z i-th wheel；

WhereinIt is to tracking data using the RC5 AES under CBC pattern BagAnd random numberThe cleartext information of composition is encrypted and obtains cipher-text information；

WhereinFor the cipher-text information based on MD5 generatingMessage authentication code, specifically, this message authentication code is numerically equal to close Civilian informationCalculated MD5 value after splicing with node key, then by MD5 The remainder of value and node counter value is spliced.

8. the wireless sensor network routing method based on LEACH agreement according to claim 6 is it is characterised in that institute State leader cluster node in step S4 to be verified when receiving the packet of cluster interior nodes transmission, then packet be decrypted, Packet after being deciphered：

${\mathrm{Msg}}_x^i=D(K_{ch-x}^i,C_{bs}^i,{\mathrm{MSG}}_j^i);$

WhereinIt is sent to the packet of leader cluster node for node j i-th wheel,Produce for base station counter i-th wheel The Counter Value of the whole network nodes sharing；K_ch-jThe cluster key generating in the i-th wheel place cluster for leader cluster node x；Cluster head section Packet after the i-th wheel deciphering for the point x；

Then the packet plaintext that the i-th wheel is received by leader cluster nodeIdentity marks information id of leader cluster node x_x, cluster The random number that head node x generates in the i-th wheelAnd base station generates random number in the i-th wheelIt is compressed after packing locating Reason obtains packet

${\mathrm{data}}_x^i={\mathrm{MSG}}_j^i\left|{\mathrm{id}}_x\right|N_{ch-x}^i|N_{bs}^i;$

Furthermore by packetObtained using the RC5 AES encryption under CBC pattern：

$\left\{{\mathrm{data}}_x^i\right\}(K_x^i,C_{ch-x}^i)|MAC\left(K_x^i\right|\left\{{\mathrm{data}}_x^i\right\}\left(K_x^i,C_{ch-x}^i\right));$

WhereinNode counter value for leader cluster node x i-th wheel；

Finally the data after above-mentioned encryption is sent to base station.

9. the wireless sensor network routing method based on LEACH agreement according to claim 1 is it is characterised in that institute State in step S3, the threshold function table of the cluster head election algorithm that each node runs is：

Wherein p is leader cluster node accounting, r is when front-wheel number, G are in the node set not also being elected as leader cluster node when front-wheel； E_curN () is node n current remaining, E_aveIt is as the average residual energy of all surviving node of front-wheel, dis_toBSN () is section Point n and the distance of base station, dis_ave2bsFor the average distance of all nodes and base station, λ₁、λ₂For weights coefficient, and there is λ₁+λ₂= 1.

10. the wireless sensor network routing method based on LEACH agreement according to claim 1 is it is characterised in that institute The cluster head relative importance value and each leader cluster node between is selected optimum leader cluster node and is carried out according to it to state in step S3 each ordinary node Enter cluster, wherein between ordinary node and leader cluster node, cluster head relative importance value computing formula is as follows：

$optDeg\left(y,x\right)={\mathrm{\η}}_1\frac{P_{ch}\left(y,x\right)}{p_{ch\_ave}\left(y\right)}+{\mathrm{\η}}_2\frac{{\mathrm{dis}}_{ave2bs}}{{\mathrm{dis}}_{ch2bs}\left(x\right)}+{\mathrm{\η}}_3\frac{E_{ch}\left(x\right)}{E_{ave}},y\∈Y,x\∈X;$

Wherein P_chThe leader cluster node x broadcast signal strength that (y, x) receives for ordinary node y；

Wherein p_{ch_ave}Y average leader cluster node broadcast signal strength that () receives for ordinary node y；

Wherein dis_ch2bsX () is the distance of leader cluster node x and base station；

Wherein dis_ave2bsAverage distance for all nodes and base station；

Wherein E_chX () is the dump energy of leader cluster node x；

Wherein E_aveFor average leader cluster node dump energy；

Additionally, η₁、η₂、η₃For weighting parameter, and meet η₁+η₂+η₃=1；

Wherein Y is the set of ordinary node in network, and X is the set of leader cluster node in network；

Cluster head relative importance value between ordinary node and each leader cluster node is calculated by above formula, then selects and cluster between it The maximum leader cluster node of head relative importance value sends request into clusters as optimum leader cluster node, then to optimum leader cluster node：

${\mathrm{msg}}_y^{\′i}=JOIN\_{\mathrm{REQ}}_y^i|N_{ch-y}^i;$

${\mathrm{SN}}_y\→{\mathrm{CH}}_m:\left\{{\mathrm{msg}}_y^{\′i}\right\}(K_i,C_{bs}^i)|MAC\left(K_i\right|\left\{{\mathrm{msg}}_y^{\′i}\right\}\left(K_i,C_{bs}^i\right));$

WhereinThe solicited message sending for ordinary node y i-th wheel, including the request into clusters information of the i-th wheelThe random number generating with the i-th wheelK_iThe network master key broadcasted in the i-th wheel for base station, The Counter Value of the whole network nodes sharing producing for base station counter i-th wheel；

WhereinIt is using the RC5 AES pair under CBC patternCleartext information carry out Encryption obtains cipher-text information；

WhereinThe cipher-text information based on MD5 generatingMessage authentication code；SN_y→CH_m:Represent that ordinary node y transmits into cluster to optimum leader cluster node m Request；

In described step S3, each leader cluster node chooses optimum cluster head section according to the cluster head relative importance value between itself and other leader cluster node Point monitors leader cluster node as it, and the cluster head relative importance value computing formula wherein between leader cluster node and other leader cluster nodes is as follows：

$optDeg\left(x,n^{\′\′}\right)={\mathrm{\α}}_1\frac{P_{ch}\left(x,n^{\′\′}\right)}{P_{ch\_ave}\left(x\right)}+{\mathrm{\α}}_2\frac{{\mathrm{dis}}_{ave2bs}}{{\mathrm{dis}}_{ch2bs}\left(n^{\′\′}\right)}+{\mathrm{\α}}_3\frac{E_{ch}\left(n^{\′\′}\right)}{{E_{ave}}^{\′}},n^{\′\′}\∈X;$

Wherein P_chOther leader cluster nodes n " broadcast signal strength that (x, n ") receives for leader cluster node x；

Wherein p_{ch_ave}X other leader cluster nodes average leader cluster node broadcast signal strength that () receives for leader cluster node x；

Wherein dis_ch2bs(n ") is other leader cluster nodes n " with the distance of base station；

Wherein dis_ave2bsAverage distance for all nodes and base station；

Wherein E_ch(n ") be other leader cluster nodes n " dump energy；

Wherein E_ave' for other all leader cluster nodes average leader cluster node dump energy；

Additionally, α₁、α₂、α₃For weighting parameter, and meet α₁+α₂+α₃=1；

Cluster head relative importance value between each leader cluster node and other leader cluster nodes is calculated by above formula, then select with its it Between other maximum leader cluster nodes of cluster head relative importance value as monitoring leader cluster node.